European Digital Identity Wallet

Updated 15 December 2025
  • European Digital Identity (EUDI) Wallet is a pan-European digital identity solution enabling self-sovereign control over government-issued and third-party verifiable credentials.
  • It leverages permissioned distributed ledger technology, advanced cryptographic methods, and zero-knowledge proofs to ensure secure, selective disclosure and document signing.
  • The wallet complies with eIDAS 2.0 and GDPR, harmonizing cross-border eID, credential storage, and digital authentication for robust trust and interoperability.

The European Digital Identity (EUDI) Wallet is a pan-European, standards-driven digital identity solution defined and mandated under eIDAS 2.0 (Regulation (EU) 2024/1183). It provides every EU citizen and eligible resident with a secure, privacy-preserving, citizen-controlled application for storing, managing, and presenting government-issued and third-party verifiable credentials. In the architectures surveyed here, the wallet implements self-sovereign identity mechanics atop a permissioned distributed ledger infrastructure, enabling cross-border electronic identification (eID), credential storage, selective disclosure, cryptographic document signing, decentralized policy enforcement, and GDPR-compliant privacy-enhancing technologies within the European trust frameworks. These architectures federate interoperable components: the European Blockchain Services Infrastructure (EBSI), GLASS, and cross-sector open standards such as W3C Verifiable Credentials, Decentralized Identifiers, OpenID Connect, and zero-knowledge proof cryptography.

1. Core Objectives and Regulatory Framework

The EUDI Wallet is established as the universal digital identity container for all EU Member States under eIDAS 2.0, which entered into force in May 2024 and obliges each Member State to offer at least one wallet within 24 months of the adoption of the implementing acts (in practice, by the end of 2026). Its primary objectives are:

  • Providing citizen-centric, self-sovereign control over digital identity and personal attributes.
  • Enabling electronic identification (eID) and authentication at the eIDAS levels of assurance (low, substantial, high), supporting advanced and qualified electronic signatures, with full GDPR compliance (data minimization, consent, right to erasure).
  • Facilitating the storage and selective presentation of Verifiable Credentials (VCs)—including academic, driving, and social-security attestations—in a standard, cross-border format.
  • Streamlining cross-border authentication and e-Government integration by leveraging the European Blockchain Services Infrastructure (EBSI) and the GLASS permissioned DLT, including its IPFS-backed governance layer for off-chain encrypted document storage and automated trust-policy enforcement.
  • Harmonizing public services, mobility, transparency, and anti-fraud mechanisms across all EU Member States through interoperable credential verification and trust registries.
  • Enabling fine-grained user control over attribute release and selective disclosure using cryptographic proofs, with a clear compliance path for future integration of zero-knowledge proofs and privacy-preserving document signing (Kasimatis et al., 2022, Domalis et al., 2021, Mayrhofer et al., 6 Oct 2025, Biedermann et al., 26 Sep 2024).

The architecture is designed to support eIDAS levels including advanced and qualified electronic signatures, with trust rooted in centrally managed PKI and trust registries (not public blockchains), conforming to NIS Directive and ISO/EN requirements for Trust Service Providers (Biedermann et al., 26 Sep 2024).

2. System and Protocol Architecture

The EUDI Wallet architecture is a multi-layered construct integrating wallet clients (mobile and desktop), core identity services, permissioned DLT, and off-chain encrypted storage:

  • Wallet Client
    • Manages end-user key material (typically secp256k1, Ed25519, Bls12381, or ETSI-recommended curves) and user interface for onboarding, credential issuance, presentation, and cryptographic operations.
    • Provides biometric or PIN-protected authentication and secure key storage (Secure Element/TEE).
  • Core Services
    • Implement identity provisioning APIs, digital signature and verification functions, encryption (AES-GCM), and access to trusted registries.
    • Orchestrate credential issuance via Qualified Trust Service Providers (QTSPs) and manage electronic Know-Your-Customer (KYC) flows.
  • Chain & Storage
    • On-chain: EBSI uses Hyperledger Besu for the DID registry, credential-metadata anchoring, and revocation state; GLASS employs Hyperledger Fabric for governance and cross-domain policy automation.
    • Off-chain: private IPFS clusters host encrypted documents/blobs, indexed by content identifiers (CIDs). The GLASS governance framework pins and records (CID, URI, encrypted key) triplets, so personal data lives only off-chain, can be deleted there to honour the right to be forgotten, and never appears in plaintext on the ledger.
  • Interoperability Layers
    • Credential formats and exchange protocols (W3C VC/DID, OID4VCI/OID4VP, DIDComm, REST/JSON-RPC), detailed in Section 4.

Credential issuance and verification flow:

  1. Onboarding: Wallet generates DID and asymmetric keys, posts DID Document to EBSI.
  2. Issuance: Issuer (QTSP) creates VC in W3C JSON-LD format, signs using private key; VC is stored in the wallet (optionally encrypted and pinned to IPFS).
  3. On-chain Anchoring: Minimal metadata (hash, issuer DID, timestamp) is recorded to EBSI.
  4. Presentation: Holder supplies the VC and its signature, optionally as a zero-knowledge presentation; the Verifier resolves the issuer DID and the anchor on-chain, checks the signature, and retrieves encrypted documents only if needed.
  5. Revocation: Issuer updates on-chain revocation lists or status contracts; wallet and verifiers regularly check these ahead of credential use (Kasimatis et al., 2022).
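The five steps above as one runnable sketch (added here; not code from EBSI, GLASS or any of the cited papers). It stands in for the ledger with an in-memory Registry, uses Ed25519 issuer keys and encoding/json key ordering in place of a proper canonicalisation, and the DIDs and claims are constructed placeholders. The point the prose leaves implicit: the verifier runs four independent checks (key resolution, signature, anchor, status), and a tampered credential fails a different one than a revoked credential.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
)

// Credential is a minimal stand-in for a W3C VC (a real one also carries
// @context, type and a proof block); constructed for this example.
type Credential struct {
	Issuer      string            `json:"issuer"`      // issuer DID
	Subject     string            `json:"subject"`     // holder DID
	Claims      map[string]string `json:"claims"`      // attested attributes
	StatusIndex int               `json:"statusIndex"` // slot in the issuer's status list
}

// Registry models the ledger state a verifier consults: DID Documents (keys),
// anchored credential hashes, and revocation status entries.
type Registry struct {
	Keys    map[string]ed25519.PublicKey // issuer DID -> verification key
	Anchors map[string]string            // hex(sha256(credential)) -> issuer DID
	Revoked map[string]bool              // "issuerDID#statusIndex" -> revoked
}

func NewRegistry() *Registry {
	return &Registry{Keys: map[string]ed25519.PublicKey{}, Anchors: map[string]string{}, Revoked: map[string]bool{}}
}

func hashHex(b []byte) string { h := sha256.Sum256(b); return hex.EncodeToString(h[:]) }
func statusKey(issuer string, idx int) string { return fmt.Sprintf("%s#%d", issuer, idx) }

// Issue signs the credential (step 2) and anchors only its hash and issuer DID
// on the ledger (step 3); the claims themselves never go on-chain.
func (r *Registry) Issue(sk ed25519.PrivateKey, c Credential) ([]byte, error) {
	msg, err := json.Marshal(c) // map keys are sorted, so this is deterministic (real VCs use JCS/RDF canonicalisation)
	if err != nil {
		return nil, err
	}
	r.Anchors[hashHex(msg)] = c.Issuer
	return ed25519.Sign(sk, msg), nil
}

// Revoke flips the credential's slot in the issuer's status list (step 5).
func (r *Registry) Revoke(issuer string, idx int) { r.Revoked[statusKey(issuer, idx)] = true }

// Verify is the relying-party side of step 4: resolve the issuer key, check the
// signature, confirm the hash was anchored by that issuer, then check status.
func (r *Registry) Verify(c Credential, sig []byte) error {
	pk, ok := r.Keys[c.Issuer]
	if !ok {
		return errors.New("unknown issuer DID")
	}
	msg, err := json.Marshal(c)
	if err != nil {
		return err
	}
	if !ed25519.Verify(pk, msg, sig) {
		return errors.New("invalid issuer signature")
	}
	if r.Anchors[hashHex(msg)] != c.Issuer {
		return errors.New("credential hash not anchored by this issuer")
	}
	if r.Revoked[statusKey(c.Issuer, c.StatusIndex)] {
		return errors.New("credential revoked")
	}
	return nil
}

// Demo returns the verifier's verdict on the fresh credential, on a tampered copy, and after revocation.
func Demo() (fresh, tampered, revoked error) {
	reg := NewRegistry()
	pk, sk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return err, err, err
	}
	const issuer = "did:ebsi:zIssuerExample" // constructed placeholder, not a real EBSI DID
	reg.Keys[issuer] = pk                    // step 1: DID Document published
	cred := Credential{Issuer: issuer, Subject: "did:key:zHolderExample",
		Claims: map[string]string{"degree": "MSc Computer Science"}, StatusIndex: 7}
	sig, err := reg.Issue(sk, cred)
	if err != nil {
		return err, err, err
	}
	fresh = reg.Verify(cred, sig)
	forged := cred
	forged.Claims = map[string]string{"degree": "PhD"} // new map; cred itself is untouched
	tampered = reg.Verify(forged, sig)
	reg.Revoke(issuer, cred.StatusIndex)
	revoked = reg.Verify(cred, sig)
	return fresh, tampered, revoked
}

func main() { fmt.Println(Demo()) }
```

Two details worth keeping when this is done for real: the anchor lookup binds the hash to the issuer DID, so an anchor published by some other party for the same bytes does not pass; and the status check sits last but must run on every presentation, because the issuer's signature stays mathematically valid after revocation.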

3. Cryptographic Primitives, Pseudonymity, and Privacy-Enhancing Technologies

Digital Signatures and Encryption

  • Credentials, presentations, and signatures use ECDSA over secp256k1, Ed25519, or BBS+ over BLS12-381 (for selective disclosure), with authenticated encryption (AES-256-GCM) for document confidentiality and integrity.
  • Public keys and DIDs are publicly resolvable via EBSI registry, while key material is exclusively wallet-bound and hardware-protected.
  • Key wrapping and content-addressed storage underpin secure off-chain data management (Kasimatis et al., 2022, Jacobino et al., 2022, Jóźwik et al., 13 Jul 2025).

Selective Disclosure and Zero-Knowledge Proofs

  • Current and planned wallet flows support selective attribute release using predicate proofs (e.g., Schnorr protocols, Pedersen commitments, BBS+) for range, set-membership, and Boolean predicates; an attribute a is hidden under a Pedersen commitment with a random blinding factor r:

c = g^a\,h^r \bmod p

  • General-purpose zk-SNARKs (Groth16, Plonk) enable advanced anonymous credential presentations, including designated-verifier proofs and non-interactive, highly efficient attribute showing.
  • Performance benchmarks: zk-SNARK proofs in <1s on mobile hardware for common circuits (e.g., reveal-one-attribute); verification cost is negligible (≈1ms) (Babel et al., 2023).
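Why the commitment above can carry the predicate proofs listed here, worked through with the page's symbols (an added note, not taken from the cited papers; it assumes g and h generate a subgroup of prime order q in which h = g^x for an x nobody knows, the standard Pedersen setup):

\text{Hiding: for any } a' \text{ there is exactly one } r' = r + (a - a')\,x^{-1} \bmod q \text{ with } g^{a'} h^{r'} = g^{a' + x r'} = g^{a + x r} = c,

\text{so a uniformly random } r \text{ makes } c \text{ statistically independent of } a.

\text{Binding: if } g^{a} h^{r} = g^{a'} h^{r'} \text{ with } a \neq a', \text{ then } g^{a - a'} = h^{r' - r} = g^{x (r' - r)};

\text{since } r' \neq r \text{ (otherwise } g^{a-a'} = 1 \text{ forces } a = a'), \text{ the opener has computed } x = (a - a')(r' - r)^{-1} \bmod q, \text{ i.e. solved } \log_g h.

\text{Homomorphism: } c_1 c_2 = g^{a_1 + a_2}\, h^{r_1 + r_2},

which is what a range proof (say, age at least 18) uses: the prover forms a commitment to a - 18 from the commitment to a and proves the difference non-negative without revealing a.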

Pseudonym System

  • To meet strong privacy and anti-Sybil requirements, EUDI pseudonyms are derived from a per-credential high-entropy seed pns, pseudorandomized per interaction scope scp and (optional) index idx:

nym = \mathrm{HMAC}_{pns}(scp \,\|\, idx)

  • The pseudonym system must be sound, unforgeable, unlinkable (even under Issuer+RP collusion), unobservable, with support for transferability and scope-exclusivity per service or domain, and is realized via either (i) generic ZKPs with HMAC pseudonyms, or (ii) BBS signatures with DH-style pseudonyms (Mayrhofer et al., 6 Oct 2025).
  • Selective disclosure is natively supported: only explicitly revealed attributes can be read by a relying party, with cryptographic confirmation of Issuer-originating fields.
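The pseudonym formula above, reduced to runnable code (an added example; it implements only the HMAC layer, not the zero-knowledge or BBS constructions of Mayrhofer et al.). Assumptions: a 32-byte seed, a fixed-width index encoding, the scope set to the relying party's origin, and two constructed relying parties.

```go
package main

import (
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"encoding/hex"
	"fmt"
)

// Pseudonym implements nym = HMAC_pns(scp || idx). The index goes in as a
// fixed-width big-endian uint32, so (scope, idx) pairs cannot collide through
// ambiguous concatenation of variable-length inputs.
func Pseudonym(pns []byte, scope string, idx uint32) string {
	mac := hmac.New(sha256.New, pns)
	mac.Write([]byte(scope))
	var ib [4]byte
	binary.BigEndian.PutUint32(ib[:], idx)
	mac.Write(ib[:])
	return hex.EncodeToString(mac.Sum(nil))
}

// NewSeed draws the per-credential high-entropy seed pns (32 bytes assumed).
// In a wallet this lives in the Secure Element/TEE and never leaves the device.
func NewSeed() ([]byte, error) {
	s := make([]byte, 32)
	_, err := rand.Read(s)
	return s, err
}

// RelyingParty records the pseudonyms accepted for its own scope. With idx
// pinned to 0, each credential maps to exactly one nym per scope, so a second
// registration from the same credential is detectable (scope-exclusivity).
type RelyingParty struct {
	Scope string
	seen  map[string]bool
}

func NewRelyingParty(scope string) *RelyingParty {
	return &RelyingParty{Scope: scope, seen: map[string]bool{}}
}

// Register accepts a nym once; a repeat is the same credential again, not a new user.
func (rp *RelyingParty) Register(nym string) bool {
	if rp.seen[nym] {
		return false
	}
	rp.seen[nym] = true
	return true
}

// Demo drives one wallet against two relying parties (constructed scope strings)
// and reports: stable within a scope, unlinkable across scopes, duplicate rejected.
func Demo() (stable, unlinkable, dupRejected bool, err error) {
	pns, err := NewSeed()
	if err != nil {
		return false, false, false, err
	}
	bank := NewRelyingParty("https://bank.example")
	shop := NewRelyingParty("https://shop.example")
	n1 := Pseudonym(pns, bank.Scope, 0) // first visit to the bank
	n2 := Pseudonym(pns, bank.Scope, 0) // return visit: same nym, user recognised
	n3 := Pseudonym(pns, shop.Scope, 0) // different scope: unrelated-looking nym
	first := bank.Register(n1)
	second := bank.Register(n2) // same credential registering again: rejected
	shop.Register(n3)
	return n1 == n2 && first, n1 != n3, !second, nil
}

func main() { fmt.Println(Demo()) }
```

What the HMAC alone does not give you: the relying party cannot tell whether a nym was derived from the seed of a valid, unrevoked credential or simply made up, and a wallet free to choose scp could mint as many "exclusive" pseudonyms as it likes. Proving the derivation without revealing pns is exactly the job of the ZKP or BBS layer in the cited schemes, and the scope must be fixed by the relying party (or bound to its origin) rather than chosen by the wallet.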

Revocation

  • On-chain credential status lists (EBSI), off-chain public hash tables, and advanced privacy-preserving mechanisms (including anonymous hierarchical IBE-based constructions with per-day/time flexibility) are supported.
  • Time-flexible, unlinkable revocation via AHIBE restricts Verifier revocation-check visibility, so neither Issuer nor Verifier can track presentation events beyond Holder-authorized intervals (Buccafurri et al., 27 Mar 2025).

4. Data Models, Standards, and Interoperability

  • Credentials:
    • W3C Verifiable Credentials (VC), JSON-LD format, supporting arbitrary claims, schema URIs, issuer/linking proof blocks.
    • DID Documents in W3C format, with on-chain/public anchoring.
  • Protocols:
    • OpenID4VCI/OpenID4VP: OAuth 2.0/OpenID-based credential issuance (OID4VCI) and presentation (OID4VP), with SD-JWT as the selective-disclosure credential format.
    • DIDComm and REST/JSON-RPC APIs for service interoperability.
  • Ecosystem linkage:
    • Compliance with eIDAS/ETSI and ISO/EN standards, supporting both "qualified" and "advanced" signature schemes.
    • Strict requirement that trust anchors reside in central EU PKI, not public-permissionless ledgers.
    • Lifecycle integration with legacy e-Government systems via secure API gateways and schema transformers (e.g., ML-based mapping of national records to EUDI JSON-LD credentials) (Biedermann et al., 26 Sep 2024, Domalis et al., 2021).
  • Cross-Web3 Interoperation:
    • Identity bridges wrap OIDC credentials, hash claims individually, anchor them in a Merkle tree, and expose ZKP-based selective disclosure toward Web3 dApps, while remaining crypto-agile and LoA-compliant (Biedermann et al., 26 Sep 2024).
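How SD-JWT selective disclosure binds the revealed claims to the issuer's signature, as an added example (not code from any cited paper or from the OpenID specifications). The disclosure and digest encoding follow the SD-JWT draft: a disclosure is base64url(JSON [salt, name, value]) and its digest is base64url(SHA-256 of the disclosure string). Simplifications and assumptions: the JWS has no header and the Ed25519 signature covers only the base64url payload, the issuer DID and claims are constructed sample data, and Go 1.21+ is assumed for the slices package.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"encoding/json"
	"errors"
	"fmt"
	"slices"
	"strings"
)

var b64 = base64.RawURLEncoding

// digest is the SD-JWT digest of a disclosure: base64url(sha256(ASCII(disclosure))).
func digest(disclosure string) string {
	h := sha256.Sum256([]byte(disclosure))
	return b64.EncodeToString(h[:])
}

// makeDisclosure encodes [salt, name, value] as base64url(JSON); the fresh
// 128-bit salt keeps equal values in different credentials from sharing a digest.
func makeDisclosure(name, value string) (string, error) {
	salt := make([]byte, 16)
	if _, err := rand.Read(salt); err != nil {
		return "", err
	}
	raw, _ := json.Marshal([]string{b64.EncodeToString(salt), name, value}) // cannot fail for strings
	return b64.EncodeToString(raw), nil
}

// Issue signs a payload whose _sd array holds only digests; the claims travel as
// disclosures the holder keeps. Simplified JWS: no header, signature over the payload.
func Issue(sk ed25519.PrivateKey, issuer string, claims map[string]string) (string, map[string]string, error) {
	disclosures := map[string]string{}
	var sd []string
	for name, v := range claims { // random map order doubles as the spec's "shuffle _sd"
		d, err := makeDisclosure(name, v)
		if err != nil {
			return "", nil, err
		}
		disclosures[name] = d
		sd = append(sd, digest(d))
	}
	raw, _ := json.Marshal(map[string]interface{}{"iss": issuer, "_sd": sd, "_sd_alg": "sha-256"}) // strings only
	payload := b64.EncodeToString(raw)
	return payload + "." + b64.EncodeToString(ed25519.Sign(sk, []byte(payload))), disclosures, nil
}

// Verify takes <jwt>~<disclosure>~...~, checks the issuer signature, then accepts a
// disclosure only if its digest is in the signed _sd: the holder can hide, not add or alter.
func Verify(pk ed25519.PublicKey, presentation string) (map[string]json.RawMessage, error) {
	parts := strings.Split(strings.TrimSuffix(presentation, "~"), "~")
	payload, sigB64, ok := strings.Cut(parts[0], ".")
	sig, err := b64.DecodeString(sigB64)
	if !ok || err != nil || !ed25519.Verify(pk, []byte(payload), sig) {
		return nil, errors.New("invalid or malformed issuer signature")
	}
	var body struct{ SD []string `json:"_sd"` }
	if raw, err := b64.DecodeString(payload); err != nil || json.Unmarshal(raw, &body) != nil {
		return nil, errors.New("malformed payload")
	}
	claims := map[string]json.RawMessage{}
	for _, d := range parts[1:] {
		if !slices.Contains(body.SD, digest(d)) {
			return nil, errors.New("disclosure not bound to the signed payload")
		}
		var arr []json.RawMessage
		var name string
		if dec, err := b64.DecodeString(d); err != nil || json.Unmarshal(dec, &arr) != nil || len(arr) != 3 || json.Unmarshal(arr[1], &name) != nil {
			return nil, errors.New("malformed disclosure")
		}
		claims[name] = arr[2] // value kept as raw JSON
	}
	return claims, nil
}

// Demo issues two claims, reveals only birthdate, then tries to smuggle in a claim the issuer never signed.
func Demo() (revealed map[string]json.RawMessage, verifyErr, forgeErr error) {
	pk, sk, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err, err
	}
	jwt, disc, err := Issue(sk, "did:example:issuer", map[string]string{"given_name": "Erika", "birthdate": "1980-01-01"})
	if err != nil {
		return nil, err, err
	}
	revealed, verifyErr = Verify(pk, jwt+"~"+disc["birthdate"]+"~") // holder reveals one claim
	fake, _ := makeDisclosure("given_name", "Mallory")             // well-formed but never signed (error only from rand.Read)
	_, forgeErr = Verify(pk, jwt+"~"+fake+"~")
	return revealed, verifyErr, forgeErr
}

func main() { fmt.Println(Demo()) }
```

The verifier never sees the hidden given_name: only its salted digest sits in _sd, and the 128-bit salt stops anyone from recovering a low-entropy value by hashing guesses. Two things a deployed verifier adds on top of this block: key binding (the holder proving possession of a wallet key, which stops replay of a captured presentation) and the status check described in Section 3.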

5. User Experience, Access Control, and Governance

User Experience

  • Biometric/PIN authentication for wallet access and key use.
  • Guided onboarding: automatic KYC, proof-of-possession, DID generation.
  • Policy editors and rule-based attribute selection for credential presentation.
  • Document and credential management—including encrypted storage, backup, device migration, and recovery via cloud or passkey protocols.

Fine-Grained Access Control

  • Attribute-based access control (ABAC) is enforced via Boolean predicate policies over credential contents, with cryptographic validation at every access (including range and membership proofs for hidden attributes).
  • Policy enforcement is always local to the user device (in architectures such as TrustVault), never relying on cloud or trusted third parties for runtime data access mediation (Jacobino et al., 2022).

Governance and Trust Framework

  • Node operation and credential issuance governed by permissioned consortiums (EBSI, GLASS), including Member State authorities, Trust Service Operators, and Data Protection Authorities with defined roles.
  • Smart contracts and governance logic control membership, revocation, and dispute resolution.
  • Credential status events, trusted issuer validation, consent auditing, and DLT-anchored logs support technical and legal accountability (Domalis et al., 2021).

6. Scalability, Performance, and Deployment

  • Permissioned DLTs (Hyperledger Besu/Fabric) are tuned for throughput, resilience against network latency, and GDPR-compliant data residency.
  • IPFS private clusters and garbage collection strategies ensure storage scalability and efficient RtbF implementation.
  • ZKP and cryptographic proof performance are shown practical on commodity smartphones; sub-second proof generation is achievable for standard circuits using optimized backends (Babel et al., 2023, Jóźwik et al., 13 Jul 2025).
  • Real-world deployments such as TrustVault implement a fully peer-to-peer, serverless, open-source infrastructure, eliminating Big Tech intermediaries and enabling transparent, community-governed operation (Jacobino et al., 2022).
  • Wallet onboarding, issuance, and presentation flows are validated in formal EBSI conformance and usability tests, including human-computer interaction studies highlighting the criticality of explicit issuer metadata, signature clarity, and avoidance of unwarranted UI trust cues (Last et al., 9 Oct 2024).

7. Applications, Limitations, and Research Directions

  • Use cases include cross-border academic diploma validation, privacy-preserving e-voting (with Sybil-resistant registration and anonymous ballot casting), secure document signing, and policy-driven data-sharing across government and private sectors (Kasimatis et al., 2022, Jóźwik et al., 13 Jul 2025, Last et al., 9 Oct 2024).
  • Current architectural limitations involve protocol cryptographic agility (interoperation with Web3/public chains), revocation scalability and freshness, UX modeling for consent and selective disclosure, and post-quantum security.
  • Research continues in:
    • Universal and composable ZK frameworks for wallets (zero-knowledge VMs, circuit generation).
    • Quantum-resistant anonymous credential and pseudonym systems.
    • Threshold trust distribution for credential revocation and issuance.
    • Integration of advanced privacy features such as designated-verifier proofs, multi-device key backup, mixnet communication, and network-level anonymity (Babel et al., 2023, Mayrhofer et al., 6 Oct 2025, Buccafurri et al., 27 Mar 2025).

The EUDI Wallet, as realized through coordinated EU digital governance initiatives and advanced cryptographic techniques, constitutes a highly secure, standards-compliant, privacy-assuring digital identity meta-platform, supporting federated governance, scalable performance, and user-sovereign operation in a heterogeneous regulatory and technology landscape (Kasimatis et al., 2022, Jacobino et al., 2022, Domalis et al., 2021, Jóźwik et al., 13 Jul 2025, Last et al., 9 Oct 2024, Mayrhofer et al., 6 Oct 2025, Babel et al., 2023, Buccafurri et al., 27 Mar 2025, Biedermann et al., 26 Sep 2024).
